Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libsoup
(Gnome)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-05 | CVE-2018-12910 | The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | Ubuntu_linux, Debian_linux, Libsoup, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Openshift_container_platform | 9.8 | ||
| 2018-06-04 | CVE-2018-11713 | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection. | Libsoup, Webkitgtk\+ | 6.5 | ||
| 2012-08-20 | CVE-2012-2132 | libsoup 2.32.2 and earlier does not validate certificates or clear the trust flag when the ssl-ca-file does not exist, which allows remote attackers to bypass authentication by connecting with a SSL connection. | Libsoup | N/A | ||
| 2011-08-31 | CVE-2011-2524 | Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI. | Libsoup | N/A |